package com.lifeng.controller;

import com.lifeng.bean.User;
import com.lifeng.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.annotation.Resource;
import java.util.List;

/**
 * Created by lifeng on 2019/8/9.
 */
@Controller
@RequestMapping("/sys/user")
public class UserController {
    @Resource
    private UserService userService;
    @Resource
    private SessionRegistry sessionRegistry;

    @PreAuthorize("@pms.hasPermission('sys:user:list')")
    @RequestMapping("/list")
    @ResponseBody
    public List<User> list(){
        //模拟操作数据库
        return null;
    }
    @PreAuthorize("@pms.hasPermission('sys:user:add')")
    @RequestMapping("/add")
    @ResponseBody
    public String add(){
        //模拟操作数据库
        return "add ok";
    }

    @PreAuthorize("@pms.hasPermission('sys:user:delete')")
    @RequestMapping("/delete")
    @ResponseBody
    public String delete(){
        //模拟操作数据库
        return "delete ok";
    }

    @PreAuthorize("@pms.hasPermission('sys:user:update')")
    @RequestMapping("/update")
    @ResponseBody
    public String update(){
        //模拟操作数据库
        return "update ok";
    }

    @RequestMapping("/test")
    @ResponseBody
    public Object test(){
        List<Object> allPrincipals = sessionRegistry.getAllPrincipals();
        return allPrincipals;
    }
}
